Bluepurple Pulse: week ending October 9th
Giving back is 💖 - an ode to open source in cyber defence
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.
Operationally this week it has been driven by the disclosure of vulnerabilities such as the new zero days exploited in Microsoft Exchange (in less than 10 organisations globally it transpires) at the start. In the middle we had the flap about Chinese APT in the defence supply base in the US. Then towards the end of the week the Fortinet vulnerabilities (critical remotes). It is almost like everything is systemically vulnerable and we are playing whack a mole.
In the high-level this week:
A Proclamation on Cybersecurity Awareness Month, 2022 - The White House doing what it does best as we enter October.
Office of the National Cyber Director Requests Your Insight and Expertise on Cyber Workforce, Training, and Education - The White House - scale of the talent supply gap is key here - with estimates of approximately 700,000 open positions.
Keep reading with a 7-day free trial
Subscribe to Cyber Defence Analysis for Blue & Purple Teams to keep reading this post and get 7 days of free access to the full post archives.